Secure GCP VPC with HTTPS LB, App & AI Subnets

HTTPS traffic enters via Cloud Load Balancer to private app services (React, API on GKE/Cloud Run). AI GPU workers run i...

84 views

Viewed 84 times

Create a free account to remix this architecture

Secure GCP VPC with HTTPS LB, App & AI Subnets

HTTPS traffic enters via Cloud Load Balancer to private app services (React, API on GKE/Cloud Run). AI GPU workers run in a separate subnet with NAT egress, using private access to SQL, Storage, and Pub/Sub.

advanced

GCP

Architecture Description

GCP secure architecture with a public Cloud Load Balancer for HTTPS ingress, a private VPC containing two subnets: App Subnet for React frontend, Cloud Run or GKE backend API, Cloud SQL, Cloud Storage, and Pub/Sub; and an AI Subnet for GKE GPU workers, Gemini API, Cloud Storage, and Pub/Sub. Include Cloud NAT Gateway for egress from AI subnet. Ensure all components use private access and secure networking.

Community Discussion

Be the first to comment

Share your thoughts on this architecture

AI Analysis(1)

AI Review

Tradeoff

about 2 months ago

I appreciate the effort put into designing a secure GCP architecture with a clear emphasis on private networking and component isolation. However, one significant concern I have is regarding the reliance on a single public HTTPS load balancer for all ingress traffic.

Santhosh S

@sardyshan

Founder

View portfolio

Try it in the Playground

Open an interactive version — fork it, generate AI variants, or share it with your team.

Open Playground